You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
a) Save certPEM from the sample app into a file, e.g. cert.pem
b) Start WireShark and capture traffic on lo or lo0
c) Set a filter tcp.port == 4433
d) Goto Preferences -> Protocols -> SSL and add the cert.pem to the RSA key list for 127.0.0.1:4433 protocol tcp
Run the sample program from as follows:
1st terminal: go run main.go -server
2nd terminal: go run main.go
This will start a server in the first terminal and a client in the second terminal which executes a SNI handshake.
WireShark will capture and decrypt the traffic
What did you expect to see?
A Server Hello with an empty server_name extension, e.g.
Secure Sockets Layer
TLSv1.2 Record Layer: Handshake Protocol: Server Hello
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 53
Handshake Protocol: Server Hello
Handshake Type: Server Hello (2)
Length: 49
Version: TLS 1.2 (0x0303)
Random
Session ID Length: 0
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
Compression Method: null (0)
Extensions Length: 9
Extension: server_name
Type: server_name (0x0000)
Length: 0
Extension: renegotiation_info
Type: renegotiation_info (0xff01)
Length: 1
Renegotiation Info extension
Renegotiation info extension length: 0
What did you see instead?
Secure Sockets Layer
TLSv1.2 Record Layer: Handshake Protocol: Server Hello
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 49
Handshake Protocol: Server Hello
Handshake Type: Server Hello (2)
Length: 45
Version: TLS 1.2 (0x0303)
Random
Session ID Length: 0
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
Compression Method: null (0)
Extensions Length: 5
Extension: renegotiation_info
Type: renegotiation_info (0xff01)
Length: 1
Renegotiation Info extension
Renegotiation info extension length: 0
The extension section of the ServerHello does not contain a server_name extension.
When you make a request with an SNI header the client sends a client hello with a server name extension. RFC 6606 Section 3 states:
A server that receives a client hello containing the "server_name"
extension MAY use the information contained in the extension to guide
its selection of an appropriate certificate to return to the client,
and/or other aspects of security policy. In this event, the server
SHALL include an extension of type "server_name" in the (extended)
server hello. The "extension_data" field of this extension SHALL be
empty.
We found this when debugging a TLS connection from the AWS API GW to a go server instance.
I am not sure whether this is a real issue or something that can be ignored. In any case it seems to be mentioned in the RFC and I couldn't find any mention in the issues. So even if it doesn't get addressed people can still find out why.
I realize that you prefer discussion first over code but the following patch added the server_name extension:
I've never understood why the RFC says that and crypto/tls may not always know whether a callback used the SNI name or not. So the only reasonable answers are to never echo the extension or to always echo it. We currently do the former. Your change would lead to the latter. I welcome any suggestions about advantages!
There's no reported problems arising from this I believe. OpenSSL, for what it's worth, allows a callback to decide whether to echo this. Since we don't have that and there's no concrete motivation, I don't see impetus to change our behaviour here.
Please answer these questions before submitting your issue. Thanks!
go version
)?go env
)?Sample app: https://play.golang.org/p/Tk9CR4BUyU
a) Save
certPEM
from the sample app into a file, e.g.cert.pem
b) Start WireShark and capture traffic on
lo
orlo0
c) Set a filter
tcp.port == 4433
d) Goto
Preferences -> Protocols -> SSL
and add thecert.pem
to the RSA key list for127.0.0.1:4433
protocoltcp
Run the sample program from as follows:
1st terminal:
go run main.go -server
2nd terminal:
go run main.go
This will start a server in the first terminal and a client in the second terminal which executes a SNI handshake.
WireShark will capture and decrypt the traffic
A Server Hello with an empty
server_name
extension, e.g.The extension section of the ServerHello does not contain a
server_name
extension.When you make a request with an SNI header the client sends a client hello with a server name extension. RFC 6606 Section 3 states:
We found this when debugging a TLS connection from the AWS API GW to a go server instance.
I am not sure whether this is a real issue or something that can be ignored. In any case it seems to be mentioned in the RFC and I couldn't find any mention in the issues. So even if it doesn't get addressed people can still find out why.
I realize that you prefer discussion first over code but the following patch added the
server_name
extension:The text was updated successfully, but these errors were encountered: